Slashdot Mirror


User: Isao

Isao's activity in the archive.

Stories: 0 · Comments: 283

Comments · 283

  1. Re:Wireless Privacy??? on UK Police Buy Covert Cellphone Surveillance System · · Score: 2

    Another facet of this is that the devices can be tracked, whether or not the user is using it or making a call. As long as it is on and available to receive a call (communicating with the base) it can be identified and a coarse location determined. If it were me in the law-enforcement role, the way I would use this is to identify devices in an area of interest (the protest locations) and record the identifiers over a series of days/nights. Eliminating devices which did not appear during a majority of the observed days lets you focus on the core group of people present at the events. (This will include media, people who live/work in the area, police and civil support themselves, etc.) Some careful trimming of the data by time of day will help reduce the "noise". Then you have a subset to focus investigations on. If I were on the other side, I'd make good use of WiFi (fixed and hotspots), VoIP, and "burners" (prepaid phones bought with cash and no ID - don't know if that's possible in all countries). Those are easy protections. Defense can get more technical and fiddle with the device IDs, but that likely crosses a line - and I'd want to be pure as the driven snow if I was at high risk of being arrested at some point.

  2. 3-2-1 Backup on Ask Slashdot: Best Long-Term Video/Picture Storage? · · Score: 1

    First off, Congratulations! Including files related to my 4 year old, I've got about 100GB of media. I recommend the 3-2-1 Backup method: 3 copies of the data, on 2 different drives/media, 1 of them off-site. I do this by having a "primary" copy of the data on a machine at home, which I copy to a backup drive periodically. The primary also gets rsync'd nightly to a cheap eeePC with a 1 TB USB drive in a closet at my parents' place. All this is running Linux, but you can manage with other OS's. Bonus #1: They get local access to the media via an SMB read-only share. Bonus #2: I gave them a writable share for THEIR data, which is rsync'd nightly to our place as a backup. You can do this with friends, etc. Being on the same ISP helps as the sync traffic can stay in the provider cloud. I've also used Amazon S3 (~US$13/month for 100GB of non-redundant storage) and I still use rsync.net for more limited critical documents (encrypted), though their price doesn't scale well for large, static data sets (they don't charge for bandwidth so relatively small but dynamic data is a good fit).

  3. Re:You can do that right now on SignalGuru Helps Drivers Avoid Red Lights · · Score: 1

    No, s/he's talking about the ECU dropping the injector dwell to zero because the accessories can be run from the inertia of the car. Engine revs come from the wheels/transmission, not combustion, actually a lot like a hybrid's regenerative brakes. You can actually watch this happen in reverse when you get close to stopping because the revs are too low to sustain drive and the ECU starts fuel flow again, causing a slight blip in RPM as it transitions to idle. (This is also when the transmission disengages.)

  4. Re:The future on Will Graphene Revolutionize the 21st Century? · · Score: 1
    Wait a minute, I think I've seen this before...

    "The future could see smartphones containing as much processing power as your current desktop."

    "So I'll have to wait 5 minutes before my smartphone has finally booted?"

    Yup. Same as it ever was. Next up: Implant boot times.

  5. Re:Why Gen Z Needs To Change for Work on Why IT Needs To Change for Gen Z · · Score: 1
    Some provide a choice: company laptop with maintenance or your own device but you do the maintenance.

    I can't wait for this, and the ensuing lawsuits. Am I lawsuit happy? Perhaps, but the first time client PII or similar data is lost through this practice, there will be a lawsuit faster than you can say "failure to perform due diligence".

    That said I believe there are "right" ways to do this. Virtual machines, remote desktops, mobile apps, sandboxes, etc. My company has no problem buying an employee a Mac or Linux machine or iPad when the work really requires it. With apologies to MasterCard, for everything else there's VirtualBox.

  6. Re:geographic distribution on Asia Runs Out of IPv4 Addresses · · Score: 1

    I say we fix this oversight from 30 YEARS AGO by developing a new addressing scheme, compatible to an extent with the original, that can be overlaid on the network and distributed more evenly around the world. Oh, and make it bigger, too, so we don't revisit this problem for a while. Who's in?

  7. DoT IntelliDrive has been going on for a while on Ford Building Cars That Talk To Other Cars · · Score: 1
    The IntelliDrive program has been working on this for a while, and the OEMs are starting to test this on the road. You can look at some concept videos.

    The RF band is around 5.4GHz, allocated specifically for short-range transportation communication.

  8. Re:Deadlier than the terrorists on Making Airport Scanners Less Objectionable · · Score: 1
    I don't like the backscatter machines OR the pat-downs, but I saw this and it raised some questions. Now I'm a Schneier fan-boy, and we even work in the same field, but let's take the NY 9/11 attack as a comparison (2819 according to NYMag).

    So for the scanner to be deadlier than just that attack, it would have to kill 16 extra people a year for a bit over 176 years. Am I missing something?

    For further comparison there's a 9/11-equivalent loss of life on US roads every 27 days (using 2008 numbers from the 'pedia.) Maybe it's me, but I don't see it being more deadly than terrorists. That said, I'm not going in them - radiation is cumulative. RF (the MM-wave scanners) is not.

  9. Re:Norman Spinrad had him beat by almost a decade on Japan's Latest Rockstar Is a 3D Hologram · · Score: 1

    "Eve Tokimatsuri" from Megazone 23 came out in March of 1985. Note this is an Anime OVA, and I suspect influenced the desires of the folks working on Hatsune Miku. My only remaining questions are when the aliens attack our Dyson Sphere-like satellite city, and where to get my Garland prototype.

  10. Re:Lowest bidder on Army DNS ROOT Server Down For 18+ Hours · · Score: 4, Interesting

    There are two main approaches to government contracting: Lowest Cost and Best Value. Contrary to popular belief, Lowest Cost is not always the one chosen, by a long shot. I also previously misunderstood "Close enough for government work." Turns out most "government work" has very specific requirements and specifications, or you don't get paid. If you see something different, please call Waste, Fraud & Abuse.

  11. Different exams on Preventing Networked Gizmo Use During Exams? · · Score: 1

    Just a thought... I suggest a number of different exams (say 4, for a class size of 30?), randomly distributed to the students. This will help mitigate answer copying (unless the miscreants have the same version) - sending a question to get an answer means the answer provider has to do two or more exams, not just their own. You can't eliminate cheating, but you can raise the effort required to do it. This also means more work for you, but so would denying RF or IR comms, crib sheets, etc., and is less technically complex. Use a mix of different questions and the same questions with different parameters.

  12. Re:Protecting what? on US Gov't Makes a Mess of Classifying Sensitive Data · · Score: 1
    This is correct, the SSN is an identifier. (Yes, I know the card is marked not to use as identification, but that's different.) The problem is that a secure transaction (on-line or off), requires an identifier and an authenticator. An identifier is like a username - it identifies who the party is. An authenticator is like a password - it attempts to confirm the entity supplying the identifier is the real one.

    The problem is that the SSN is used as both identifier and authenticator, which is an inherent flaw. The SSN is a de-facto identifier. Any attempt to use it as a shared secret authenticator is doomed.

  13. Re:And So Offered Another Inaccuracy on How Star Wars Trumped Star Trek For Scientific Accuracy · · Score: 1

    Didn't Roddenberry famously refer to Star Trek as "Wagon Train to the Stars"?

  14. FTA & Wildfeeds on Fun To Be Had With a 10-Foot Satellite Dish? · · Score: 1

    Free-To-Air (FTA) feeds and Wildfeeds are plentiful. Do some reading on http://www.satforums.com/, see if you can steer the dish, and if it's possible to enable it for Ku as well as C band (I'm guessing it's C because of the size). You can often refit a C band mesh dish to work on Ku by laying metal window screening on the surface of the reflector. Then you have to mount a Ku feed at the focal point, usually offset next to the C feedhorn. Great site to find out what you can view FTA from your location: Lyngsat, for the central US try this page. To see if you can view a satellite from your location there are simple calculators on Lyngsat.

  15. Knowledge Management Tools on How Do You Organize Your Experimental Data? · · Score: 1

    I haven't had to store experimental results like that. My work produces prototypes, some data, demos and support documentation. There are tons of KM tools out there to manage heterogenous data in a recoverable way. We've used document repositories like Hummingbird (acceptable) and of course SharePoint. The key (literally) is including the right metadata and tags when you check in the element. When a data set goes dormant (static) you can tarball the CVS tree or whatever and drop it in the repo. Then there's Knowledge Discovery, something we've created tools for. They let you understand how you got that idea from three hours of web/repo surfing.

  16. Re:This is why I'm never a fan of 'rebates'. on Electric Car Subsidies As Handouts For the Rich · · Score: 1

    FYI, The U.S. Postal Service has the largest fleet of alternative-fuel vehicles in the world - over 43,000 (including E85 vehicles).

  17. Re:Online schools are a scam on Your Online Education Experience? · · Score: 1
    DeVry, Unitek, Sequoia Institute, University of Phoenix, etc, are all scams.

    Perhaps an AC troll, but I believe this is a generalization. I went to DeVry (after community college) and learned a lot - in a specific area (BS Information Systems). Liberal arts was of course neglected - this is a technical school. My classmates appeared to have a similar experience, generally successful.

    I was working in the field during and after school, and went on to get an MS in Computer Science (the BS transferred just fine). I'm about to start my PhD.

    I'm now mid-career, still doing work I love for six-figures. Worked out fine for me, and I'm NOT the top of my class or the most successful in the group.

    Job placement is always what you make of it, and especially so during hard economic times. At my DeVry campus the IS program was a feeder to places like CBIT (Cincinnati Bell IT) who sucked up programmers as fast as they could be made. I, however, went to smaller local IT shops, as I more quickly would become the "smartest guy in the room", which afforded me flexibility to learn a great deal. Right now this would be much harder; programming being outsourced, stressed economy, etc. I highly recommend professional networking, getting to know what your peers are interested in and making sure they know what YOU are looking for. I started that late, thinking I wanted to get a job on merit rather than contacts. I didn't realize you have to find the opportunity first, then get it on merit. Professional associations in your field are wonderful for this, are cheap(er) for students, and usually like having fresh blood to complement the greybeards.

    I do agree with the approach of starting with a community college - often the best bang for your buck, especially for the first two years. Then transfer to a four-year school who is credible in your field (which you might have only THEN decided upon). I also agree regarding applying for grants and scholarships. In fact, DeVry was truly outstanding in this, getting me grants I'd never heard of. The rest went on the ten-year student loan program.

  18. Re:Anything faster than Dialup is an improvement on WSJ's Mossberg Calls For a Tougher Broadband Plan · · Score: 1

    DSL performance drops with distance, which is a factor in rural areas. You may be able to get 1.5mbits out to 9 or 10 thousand feet. If you're lucky you can still get SDSL 128K at 27K feet (which is really ISDN 2B+D bonded), but that's pretty much the limit out to 33K feet. There are some newer technologies for DSL, but I expect them to also suffer over distance. Fiber of course avoids much of this, but there's the cost of running it.

  19. E911 Phase 2 Already Requires Location on Experts Say Wiretap Law Needs Digital Era Update · · Score: 1
    On the other hand, first responders may need location data in order to save lives and respond to 911 calls.

    Enhanced 911 Phase 2 already requires wireless phone providers to deliver sub-300 meter accurate positions of 911 callers to the responding Public Safety Answering Point. This takes full effect in September 2012. 95% of subscriber phones were required to provide such location data by 2005.

    So that entire section of the TFS is a red herring.

  20. Illegal in many jurisdictions on Turning Attackers' Tools Against Them · · Score: 4, Interesting

    This is great intel, no doubt. There's a bit of irony in reporting vulnerabilities in malware - can I get a CVE for that? Counter-attack has a bunch of potential issues, though. The primary one is attack attribution, and the other primary one is that it's not legal in many places (including the United States) to counter-attack your attacker. If you execute code or access a system without the permission of the system-owner, you're in the same crime category as the original miscreant.

  21. Re:Exactly how? on Media Industry Wants Mandated Spyware and More · · Score: 1

    Mechanical Turk? Oh, are we supposed to solve their problems for them?

  22. Re:How long till they.. on A "Never Reboot" Service For Linux · · Score: 1

    Acrobat Reader requires a reboot because it has kernel wedges for DRM. The whole concept of messing with the reference monitor negates system integrity. Reader (and its ilk) are great because it keeps us in the security field fully employed forever. Go Adobe!

  23. Re:A US-based, free e-mail service on Widespread Attacks Exploit Newly-Patched IE Bug · · Score: 1

    Juno.

  24. Re:Costs? on What's Holding Back Encryption? · · Score: 1

    Windows Mobile, Blackberry.

  25. Re:kml files? on Does Santa Hate Linux? · · Score: 1

    Santa and his workshop of open-source developers were responsible for the design of the elf binary format.